2017.2.15 CCNP路由有錯,請更正

gumdun

QUESTION 204 題目應是這樣
7 D; a- T: ]) [9 |, H
  C6 A" F0 F4 e: F/ O7 i& S9 |Which configuration can you apply to a device so that it always permits outbound
web traffic on Saturdays and Sundays between the hours of 1:00AM and 11:59PM?
A. time-range SATSUN periodic Saturday Sunday 1:00 to 23:59
, K7 V+ u6 \$ M% y, \' H2 m/ yaccess-list 102 permit tcp any any eq 80 time-range SATSUN
access-list 102 permit tcp any any eq 443 time-range SATSUN
. Z0 R' `( \8 T, f& V  f& l: ?4 i" t8 L, Linterface Vlan303
* p3 J! }) }6 `ip address 10.9.5.3 255.255.255.0
ip access-group 102 in
B. time-range SATSUN absolute Saturday Sunday 1:00 to 23:59
" c" y! q, N6 s: y+ D( paccess-list 102 permit tcp any any eq 80 time-range SATSUN
3 q! H" w+ W* ~+ ~) W( T3 s; V# haccess-list 102 permit tcp any any eq 443 time-range SATSUN
5 l$ U; J: p5 N  M& d; a+ b3 E. Ninterface Vlan303
ip address 10.9.5.3 255.255.255.0
+ P5 n2 i% `4 W5 S0 m, iip access-group 102 in

& i" t) P/ F+ B: r9 ~C. time-range SATSUN periodic Saturday Sunday 1:00 to 23:59
access-list 102 permit udp any any eq 80 time-range SATSUN
; o+ f: t. K' Y0 Oaccess-list 102 permit tcp any any eq 443 time-range SATSUN
interface Vlan303
3 V0 X# ?7 f4 x& pip address 10.9.5.3 255.255.255.0
# O, T, N: u$ |ip access-group 102 out
D. time-range SATSUN periodic Saturday Sunday 1:00 to 11:59
access-list 102 permit tcp any any eq 80 time-range SATSUN
access-list 102 permit tcp any any eq 443 time-range SATSUN
interface Vlan303
8 l! `- w( i, }& g* `# w& o3 Bip address 10.9.5.3 255.255.255.0
& I$ U5 P. d+ Bip access-group 102 in
6 S0 \& @' k4 ]4 Z1 ?Answer: A

% J$ g- n. @5 V4 o: H1 y0 gExplanation: For the following example, a Telnet connection is permitted from the
3 E7 a7 O: J! S8 X3 Qinside to outside network on Monday, Wednesday, and Friday during business hours:
time-range EVERYOTHERDAY
periodic Monday Wednesday Friday 8:00 to 17:00
access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet time-range
6 _$ u3 K) t! G  n2 N1 NEVERYOTHERDAY
5 c! H# x" I7 Hinterface Ethernet0/0
: A+ J/ l; D3 zip address 10.1.1.1 255.255.255.0
ip access-group 101 in
For the question, answer B is incorrect because of the portion “absolute”. Usage of
9 ?% y  |! a! A+ K1 D7 _: r2 u# n“absolute” is as follows:
time-range test
absolute start 8:00 1 January 2017 end 18:00 31 March 2017
% U" e5 O. T# H3 WAnswer C is incorrect because of the portion “udp”. Also, for applying access list on
NAT inside interface (i.e. with private IP address 10.9.5.3) to block outbound web
1 I6 A+ ]' V! B+ [traffic, the portion “out” is wrong.
3 R& k- I2 p/ d$ a0 ]( f3 hAnswer D is incorrect because of the portion “11:59” which means 11:59AM.

Rockyw

路过了解一下

gumdun

QUESTION 182 正確答案是這個
: y% C7 b9 X9 d6 gYou have implemented mutual route redistribution between OSPF and EIGRP on a border router. When checking the routing table on one of the EIGRP routers within the EIGRP routing domain, you are seeing some, but not all of the expected routes. What should you verify to troubleshoot this problem?

A. The border router is using a proper seed metric for OSPF.
2 Q9 G! B: j5 j9 H) H% IB. The border router is using a proper seed metric for EIGRP.
C. The administrative distance is set for OSPF and EIGRP.
. i& \# I' f1 SD. The missing OSPF routes are present in the routing table of the border router.
0 [/ k' j6 I0 n& ~* }( c  F: o3 uE. The subnet keyword on the border router in the redistribute OSPF command.
* {( a6 \1 W, P4 b; z6 ~


Answer: D

9 ^  Y5 f+ N& a! J: ~0 x# ~! J2 E. GExplanation
& a8 G  b7 ~9 w( E, Z
+ T  I; q+ I6 L. H8 L" SWe are checking the routing table on EIGRP routers not OSPF so we don’t need to check the seed metric for OSPF. Besides OSPF doesn’t need to specify seed metric as all external routes get a default metric of 20 (except for BGP, which is 1) -> A is not correct.
+ l8 P' u3 \/ |: P2 r
, A2 w9 q/ L4 s  B# m6 tWe must specify seed metrics when redistributing into EIGRP (and RIP). If not all the redistributed routes will not be seen but the question says only some routes are missing -> B is not correct.
9 I* h2 W+ c, G
- \2 c' x  Z7 ]/ C6 Y- u3 K5 Q6 hThe default administrative distance for external routes redistributed into EIGRP is 170 so we don’t need to set it -> C is not correct.

& @1 ~  z$ h" \1 t5 I5 RThe sunbet keyword is only used when redistributing into OSPF, not to other routing protocols -> E is not correct.
/ h# Q! _6 J, w" t+ H8 [# K
: C' M4 ~6 _6 _& K) qWe should check the routing table of the border router to see the missing OSPF routes are there or not. An incorrect distribute-list can block some routes and we can’t see it in other EIGRP routers -> D is correct.
) j( E8 ~- a' t. u3 N

Rockyw

路过了解一下

Rockyw

路过了解一下

江南/sun

gumdun

QUESTION 185

6 {$ a3 Y8 [9 h: y2 h8 X7 }/ l4 U* W; QWhat is the difference between the IPv6 addresses ::/0 and ::/128?

A. /0 is the unspecified address, and ::/128 is the multicast address.
' f7 R" s  c, e$ rB. /0 is the unicast address, and ::/128 is the anycast address.
C. /0 is the unicast address, and ::/128 is the multicast address.
D. /0 is the anycast address, and ::/128 is the multicast address.
% p! R$ Y- w4 M* c: P) [E. /0 is the default route, and ::/128 is the unspecified address.
1 k$ t7 s& r, h9 C* s4 ^F. /0 is the anycast address, and ::/128 is the default address.
正確ans 是
Answer: E